[OpenAFS] Re: chown()

Jeffrey Hutzelman jhutz@cmu.edu
Wed, 28 Mar 2007 17:56:39 -0400

On Thursday, March 22, 2007 09:55:22 PM -0700 Adam Megacz 
<megacz@cs.berkeley.edu> wrote:

> Ryan Underwood <nemesis-lists@icequake.net> writes:
>> Wouldn't it make sense for a user with 'admin' ACL to be able to
>> chown() files, as long as the target ID is his own userid?
> Even better: let any user who can write to the file change its owner.
> Unless I'm mistaken, if:
>   1. your clients are all set to ignore the setuid bit (which is now
>      the default)
>   2. you disable the "owner of volume root has 'a' rights" behavior
> ... then the unix owner/group of a file is reduced to meaningless
> bookeeping to make AFS "look UNIXy" -- the same status the go+rwx bits
> (and sticky bit?) currently have.

Not true.  There are a number of subtle uses of file owners in AFS, 
particularly with regard to how directories work where you have 'i' but not 
'w'.  However, I don't see any harm to allowing anyone with 'a' rights on a 
file to change its owner, provided this causes the setid bits to be cleared.

-- Jeff